/*
 * The contents of this file are subject to the terms of the Common Development and
 * Distribution License (the License). You may not use this file except in compliance with the
 * License.
 *
 * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
 * specific language governing permission and limitations under the License.
 *
 * When distributing Covered Software, include this CDDL Header Notice in each file and include
 * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
 * Header, with the fields enclosed by brackets [] replaced by your own identifying
 * information: "Portions copyright [year] [name of copyright owner]".
 *
 * Copyright 2016 ForgeRock AS.
 * Portions copyright 2025 3A Systems LLC.
 */

package org.forgerock.openam.core.realms;

import jakarta.inject.Named;
import jakarta.inject.Provider;
import jakarta.inject.Singleton;
import java.security.AccessController;
import java.security.PrivilegedAction;

import com.google.inject.PrivateModule;
import com.google.inject.Provides;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.sun.identity.idm.IdConstants;
import com.sun.identity.sm.SMSException;
import com.sun.identity.sm.ServiceConfigManager;
import org.forgerock.guice.core.GuiceModule;

/**
 * Guice module for realm specific bindings.
 *
 * @since 14.0.0
 */
@GuiceModule
public class RealmGuiceModule extends PrivateModule {

    @Override
    protected void configure() {
        requestStaticInjection(Realm.class);

        expose(RealmLookup.class);
    }

    @Provides
    @Singleton
    RealmLookup provideRealms(DefaultRealmLookup delegate,
            @Named(IdConstants.REPO_SERVICE) Provider<ServiceConfigManager> idRepoServiceProvider) {
        return new CachingRealmLookup(delegate, idRepoServiceProvider);
    }

    @Provides
    @Named(IdConstants.REPO_SERVICE)
    ServiceConfigManager provideIdRepoService(Provider<PrivilegedAction<SSOToken>> adminTokenActionProvider) {
        SSOToken adminToken = AccessController.doPrivileged(adminTokenActionProvider.get());
        try {
            return new ServiceConfigManager(adminToken, IdConstants.REPO_SERVICE, "1.0");
        } catch (SMSException | SSOException e) {
            throw new RuntimeException(e);
        }
    }
}
